<?php
/**
 * user credentials model
 *
 * @author raphael seebacher <raphasee@ee.ethz.ch>
 * @version 0.01
 */
class user_credentials extends db_model {
    protected $data = Array(
      'id' => NULL,
      'user_id' => NULL,
      'server_credentials_id' => NULL,
      'access_token' => NULL,
      'access_token_secret' => NULL,
      'revoked' => NULL,
      'expiry' => NULL
    );

    public function save() {
        $this->escape_data();

        if ($this->data['revoked'] == NULL) {
            $revoked = 'DEFAULT';
        }
        else {
            $revoked = '\''.$this->data['revoked'].'\'';
        }

        if ($this->data['expiry'] == NULL) {
            $expiry = 'DEFAULT';
        }
        else {
            $expiry = '\''.$this->expiry.'\'';
        }

        if ($this->data['id'] == NULL) {
            $q = 'INSERT INTO user_credentials '
                .'(user_id, server_credentials_id, '
                .'access_token, access_token_secret, revoked, expiry) '
                .'VALUES ('
                .($this->data['user_id']).','
                .($this->data['server_credentials_id']).','
                .'\''.($this->data['access_token']).'\','
                .'\''.($this->data['access_token_secret']).'\','
                .$revoked.','.$expiry.')';
        }
        else {
            $q = 'UPDATE user_credentials '
                .'SET '
                .'user_id='.($this->data['user_id']).', '
                .'server_credentials_id='.($this->data['server_credentials_id']).', '
                .'access_token=\''.($this->data['access_token']).'\', '
                .'access_token_secret=\''.($this->data['access_token_secret']).'\', '
                .'revoked='.$revoked.', '
                .'expiry='.$expiry.' '
                .'WHERE id='.($this->data['id']);
        }

        return self::$dbc->query_assoc($q);
    }

    public function revoke() {
        $this->set('revoked', date('Y-m-d H:i:s'));
        $this->save();
    }

    public static function get_by_credentials_server_credentials_id(
      $access_token,
      $access_token_secret,
      $server_credentials_id
    ) {
        $dbc = db_controller::get_instance();

        $q = 'SELECT * '
            .'FROM user_credentials '
            .'WHERE access_token=\''.$dbc->escape($access_token).'\' '
            .'AND access_token_secret=\''.$dbc->escape($access_token_secret).'\' '
            .'AND server_credentials_id='
            .$dbc->escape($server_credentials_id).' '
            .'AND revoked IS NULL AND (expiry IS NULL OR expiry<=NOW()) '
            .'ORDER BY id DESC';
        $result = $dbc->query_assoc($q);

        if (!is_array($result) || !count($result)) {
            throw new error('Given credentials not registered.');
        }
        
        return new user_credentials($result[0]);
    }

    public static function get_by_user_id($user_id) {
        $dbc = db_controller::get_instance();

        $q = 'SELECT * FROM user_credentials '
            .'WHERE user_id='.$dbc->escape($user_id).' '
            .'AND revoked IS NULL AND (expiry IS NULL OR expiry<=NOW()) '
            .'ORDER BY id DESC';
        $result = $dbc->query_assoc($q);

        if (!is_array($result) || !count($result)) {
            throw new error('User with given credentials not registered.');
        }
        
        return new user_credentials($result[0]);
    }

}